"""
Case Type   : gs_checkse工具功能
Case Name   : 验证gs_checkse的A6检测项确保开启权限授予和回收审计检测与修复成功
Create At   : 2024/10/30
Owner       : lihongji
Description :
    1.设置audit_grant_revoke参数为0后检测A6项
    2.修复A6不符合安全项后再次检测,并查看audit_grant_revoke的值
    3.设置audit_grant_revoke参数为1后检测A6项
    4.修复A6符合安全项后再次检测,并查看audit_grant_revoke的值
Expect      :
    1.设置成功，检测打印告警信息
    2.修复成功，不打印告警信息，audit_grant_revoke的值为1
    3.设置成功，检测不打印告警信息
    4.修复成功，不打印告警信息，audit_grant_revoke的值为1
History     :
"""
import os
import time
import unittest

from testcase.utils.Logger import Logger
from testcase.utils.Common import Common
from testcase.utils.CommonSH import CommonSH
from testcase.utils.Constant import Constant
from yat.test import Node
from yat.test import macro


class GS_CHECKSE(unittest.TestCase):
    def setUp(self):
        self.log = Logger()
        self.log.info(f'----{os.path.basename(__file__)} start----')
        self.primaryNode = Node('PrimaryDbUser')
        self.sh_primary = CommonSH('PrimaryDbUser')
        self.constant = Constant()
        self.common = Common()
        self.env_path = macro.DB_ENV_PATH

    def test_gscheckse(self):
        step = ('----step1:设置audit_grant_revoke参数为0后检测A6项'
                'expect:设置成功，检测打印告警信息----')
        self.log.info(step)
        excute_msg = self.sh_primary.execute_gsguc(
            'reload', self.constant.GSGUC_SUCCESS_MSG, "audit_grant_revoke=0")
        self.assertTrue(excute_msg)
        gs_checkse_cmd = (f'source {self.env_path};'
                          f'gs_checkse -i A6 --detail')
        self.log.info(gs_checkse_cmd)
        check_res = self.common.get_sh_result(self.primaryNode, gs_checkse_cmd)
        self.assertIn("Ensure permission grant and revoke auditing is "
                      "enabled.", check_res, '执行失败' + step)

        step = ('----step2:修复A6不符合安全项后再次检测,并查看audit_grant_revoke的值 '
                'expect:修复成功，不打印告警信息，audit_grant_revoke的值为1----')
        self.log.info(step)
        gs_checkse_cmd = (f'source {self.env_path};'
                          f'gs_checkse -i B6 --detail;'
                          f'gs_checkse -i A6 --detail;')
        self.log.info(gs_checkse_cmd)
        check_res = self.common.get_sh_result(self.primaryNode, gs_checkse_cmd)
        check_sql = "show audit_grant_revoke;"
        create_res = self.sh_primary.execut_db_sql(check_sql)
        self.log.info(create_res)
        self.assertIn('1', create_res, '执行失败' + step)
        self.assertIn("Setting Database auditing succeed.",
                      check_res, '执行失败' + step)
        self.assertNotIn("Ensure permission grant and revoke auditing "
                         "is enabled.", check_res, '执行失败' + step)

        step = ('----step3:设置audit_grant_revoke参数为1后检测A6项'
                'expect:设置成功，检测不打印告警信息----')
        self.log.info(step)
        excute_msg = self.sh_primary.execute_gsguc(
            'reload', self.constant.GSGUC_SUCCESS_MSG, "audit_grant_revoke=1")
        self.assertTrue(excute_msg)
        gs_checkse_cmd = (f'source {self.env_path};'
                          f'gs_checkse -i A6 --detail')
        self.log.info(gs_checkse_cmd)
        check_res = self.common.get_sh_result(self.primaryNode, gs_checkse_cmd)
        self.assertNotIn("Ensure permission grant and revoke auditing "
                         "is enabled.", check_res, '执行失败' + step)

        step = ('----step4:修复A6不符合安全项后再次检测,并查看audit_grant_revoke的值 '
                'expect:修复成功，不打印告警信息，audit_grant_revoke的值为1----')
        self.log.info(step)
        gs_checkse_cmd = (f'source {self.env_path};'
                          f'gs_checkse -i B6 --detail;'
                          f'gs_checkse -i A6 --detail;')
        self.log.info(gs_checkse_cmd)
        check_res = self.common.get_sh_result(self.primaryNode, gs_checkse_cmd)
        check_sql = "show audit_grant_revoke;"
        create_res = self.sh_primary.execut_db_sql(check_sql)
        self.log.info(create_res)
        self.assertIn('1', create_res, '执行失败' + step)
        self.assertIn("Setting Database auditing succeed.",
                      check_res, '执行失败' + step)
        self.assertNotIn("Ensure permission grant and revoke auditing "
                         "is enabled.", check_res, '执行失败' + step)

    def tearDown(self):
        step = '----step5:清理环境 expect:成功----'
        self.log.info(step)
        revoke = self.sh_primary.execute_gsguc(
            'reload', self.constant.GSGUC_SUCCESS_MSG, "audit_grant_revoke=1")
        self.assertTrue(revoke)
        self.log.info(f'----{os.path.basename(__file__)} end----')